Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certificate

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
My Outlook 2010 64 Bit (windows 7 64 Bit) is retrieving my mail form my Exchange server 2003

My Exchange 2003 server is part of my SBS 2003 R2

I have this configuration working well, with outlook 2010, with no problem - for more than 2 years.

But then suddenly few days ago outlook 2010 cannot connect the exchange 2003

On my client computer - When I load Outlook 2010 it gives the following ERROR message:

"AutoDiscover.<myDomain>.com

Information you exchange with this site cannot be viewed or

changed by others. However, there is a problem with the

site’s security certificate.


V The security certificate is from a trusted certifying authority.

V The security certificate date is valid

X The name on the security certificate is invalid or does not match the name of the site

Do you want to proceed?

Yes No View Certificate."


I have another client computer (my laptop) with windows 7 64 bit and *** outlook 2003 *** installed.

The outlook 2003 still connects to the same exchange server with no problem.

I read the forum and search the internet but didn't find the answer with that combination outlook 2010 and exchange 2003.

Any ideas on how can I reconnect my outlook to exchange back again.

Thanks

Amos
 

Diane Poremsky

Senior Member
Outlook version
Outlook 2016 32 bit
Email Account
Office 365 Exchange
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Did you check the expire date of the certificate? Outlook 2010 is fussier about certificates- clicking Yes to proceed should work - it did for me when my certificate expired.
 

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Did you check the expire date of the certificate? Outlook 2010 is fussier about certificates- clicking Yes to proceed should work - it did for me when my certificate expired.
One of my problems is that I don't exactly knows which certificate my outlook should use.

Another question is should I issue a new certificate ? which ? where (Local CA ?) ?

How do I attach it to my Exchange and to my Outlook ?

How can I make them know on each other's use ?

maybe I should use my current certificate. which is this ?

I suspect my outlook 2010 uses the wrong certificate that was never assigned by me (I am also the admin) to be the correct certificate.

It seems like the certificate somehow "evaded" to my system.

Let me elaborate some more:

When I receive the security alert window I quoted in my post, it marks Von the second line which says the security certificate date is valid.

The 3 lines on that security alert are :

V The security certificate is from a trusted certifying authority.

V The security certificate date is valid

X The name on the security certificate is invalid or does not match the name of the site



However on the above security alert window - when click on the "View Certificate..." button I get a "view certificate window" which details a cretificate that is not the original certificate from my system.

The certificate details of a certificate above says "Issued to" *ipage.com "Issued by:" RappidSSL CA valid until 2015

The fact that it is not issued by my system is important, since my system uses my server local CA.

(I never purchased 3rd party certificate)

When I launch my CA and the Certificates snap-ins on my SBS server, there is an All-purpose Certificate,

which is "Issued by" and "Issued to"<my-server-name>.<my-domain-name>.local - Which is valid till 2017

But as I said before apparently my outlook 2010 AUTODISVOER doesn't use it .

The iPage.com is not a total stranger here.

It is hosting my domain and receives my emails on the internet.

My Exchange server POP3 Connector, downloads my emails to my mail store and from that point on, my server should handle the mail independently without the intervention of iPage.
 

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Unfortunately the clicking Yes to proceed - didn't work for me. The connection to the exchange server status stayed "Disconnected".

The certificate there is valid until 2015, but it's a wrong one - see my post above.
 

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

I explored the internet on my problem, and I might have grasped the problem better.

My local domain is <my domaim>.local

My External domain is <my domain>.co.il

My External domain is hosted at iPage.com

The autodiscovery uses the external domaim: autodiscovery. <my domain>.co.il

Thus it goes to iPage.com to look for my domain, and there he gets the wrong certificate,

I think that If I could redirect the autodiscovery. <my domain>.co.il- to <my domaim>.local, then it would retrieve the local certificate and the problem will be resolved.

I tried to edit the C:\Windows\System32\drivers\etc\hosts file - I added the following line:

<My server IP> autodiscovery. <my domain>.co.il

I also tried to add a CNAME record to my DNS as follows

autodiscovery. <my domain>.co.il à <my server>.<my domain>.local

Both tests failed - i.e.- the same security alert window Popped up

Which means I didn't succeed in the redirection

BTW - When I use the OWA from the client computer there is no problem and I can retrieve my email from the Server.
 

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Found a solution - by Recreating of my e-mail account - as follows:

1. I deleted my e-mail account.

2. Before recreating it - I deleted the <account-name>.ost file, from my outlook local AppData folder, i.e.: C:\Users\<user-name>\AppData\Local\Microsoft\Outlook

3. I closed Outlook.

4. I recreated the account from control-Panel | Mail | E-mail Accounts...

I recreated the account manualy (LAST option button) NOT automatically (1st option button)

5. While creating the account manually, just before clicking the "Check Names" in the "Server Name" text box - I entered its IP address instead of the <FQDN of the server name>. Just then I clicked the "Check Names".

6. Then I opened outlook again.

What a relief to see once again the Status line "Connected to Microsoft Exchange" and to watch all items feeling in my inbox again.

Almost a month of searching for solutions, endless tests (to Hosts file, DNS Server, adding keys to Registry creating xml local file etc. etc.) and a lot of frustration - has just ended.

Maybe this post will help someone someday somehow.

Good Luck

Amos
 

Diane Poremsky

Senior Member
Outlook version
Outlook 2016 32 bit
Email Account
Office 365 Exchange
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Thanks for the update!
 

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

UNFOTUNATELY - The above solution of recreating my mail account - just worked for few hours.

The Disconected status is is back again,

Which means that the recreation of the email account - resets something until a later process is messing it up again.

I tried a solution I found at

https://mysite.uchicago.edu/personal/bsdad_tdenormandie/Blog/Lists/Posts/Post.aspx?List=686fd16f-3c7f-4bd4-b3d1-fd40ff9b6a89&ID=55

It didn't help reconnect my exchange, however it stopped the message above

"AutoDiscover.<myDomain>.com...

X The name on the security certificate is invalid or does not match the name of the site"

s

Briely the suggetion there was of 3 stages:

  • Add 2 registry key with regedit
  • Open HKCU\Software\Microsoft\Office\12.0\Outlook\Autodiscover
  • Add a new DWORD: PreferLocalXML = 1
  • Add a new REG_SZ: "Your Domain Name" for example abc.domain.com = path of a new file that you are going to create in following step for example C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\abc.domain.com.XML


It sounds like a move in the right direction, but where do I go from here ?

 

Diane Poremsky

Senior Member
Outlook version
Outlook 2016 32 bit
Email Account
Office 365 Exchange
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Dang. :( Sorry to hear the fix wasn't long term.

All the xml file does is make it easier to set up the account. It won't fix the other problems if they are related to the certificate mismatch. If autodiscover points to the local server and the cert doesn't match the server names outlook is using, you'll still have problems.

What domain name does outlook use in File, account settings, double click on account. Is that the same as the certificate?
 

Amos

Member
Outlook version
Outlook 2010 64 bit
Email Account
Exchange Server
Re: Exchange 2003 Outlook 2010 64 Bit- AutoDiscover Connection Err - Certifica

Thank you for your answer and your patience.

In my mail account I use my email (amos@sbn-law.co.il) and my local exchange server which is <my server name>.sbn-law.local

I am aware of the certificate issue.

I discussed it in my 4th post above.

However if I managed to redirect AutoDiscover to my local server, I believe, there should be a match of the server noted in the certificate with my local server - because my client computer uses the certificate issued by my SBS Local CA.

After I followed the procedure of creating the 2 registry keys and the xml file the security alert window doesn't pop up, so I don't know if there is a problem with the certificate.

On the other hand if the security alert window doesn't pop up I might have succeeded in redirecting, and if the xml file is correct why the connection to the exchange server fails ?

What am I missing here ? what should i check next and where ?
 
Top